It appears that Trashmail adds it's own DKIM signature to outbound emails.
That would be sweet from emails that originate from Trashmail, if the signature was working right.

From my tests, it seems that it suffers from two different problems, so depending on the originator, doesn't work right:

If it's an inbound email (forwarded), Trashmail adds it's own DKIM signature header (even if the original email, came with it's own DKIM signature) but d= is replaced with the originator's domain thus making the retrieved public key (if any) to have nothing to do with the key that resides at 2012._domainkey.trashmail.net TXT record -- Example case:

Could you please send me the full email header example which fails to support@trashmail.net?
In fact trashmail.net adds for each forwarded email a DKIM signature that you know if you receive original forwarded trashmail.net emails or manipulated faked ones.

Admin wrote:forwarded emails contains only original DKIM signatures of the sender.
We can't put two different DKIM signatures in one email.

As far as I can see, each forwarded e-mail, has at least a trashmail.net added DKIM signature, but it's pointing to the wrong domain name.
If sender's original DKIM signature is present, isn't affected and works as expected.

On the bright side, e-mails originated from trashmail.net, have a working DKIM signature now.